You are using an older browser version. Please use a supported version for the best MSN experience.

Q & A on global cyber attack

dpa logodpa 15/05/2017

Malicious software entered computer systems at homes, hospitals and government offices around the globe. How did it manage to wreak so much havoc?

THE GLOBAL CYBER ATTACK: THREE QUESTIONS AND THREE ANSWERS

A massive hack crippled computers across the world on Friday in what was described by experts as a cyber attack unprecedented in scale.

Q: What happened?

A: Tens of thousands of computers in homes, businesses and government agencies were infiltrated by malicious software that encrypted and blocked access to content until users paid between $US300 ($A406) and $US600 ($A812) in the digital currency bitcoin. Nearly 100 countries were hit in the attack.

Q: What accounts for its scale?

A: Hackers exploited vulnerabilities in the most widely used operating system in the world: Microsoft Windows. The software giant issued a fix in March to correct the security flaw, but computers that did not run the update were susceptible to infection.

The highest-profile organisation to fall victim to the cybercrime was Britain's National Health Service, which uses the 15-year-old Windows XP operating system on its computers.

Windows XP is so old that Microsoft was no longer offering free software updates for it. The company announced on Saturday that it was reversing that policy.

Q: How does the malware enter the computer?

A: The cyber weapon involved in the attack is malware known as Wanna Decryptor or WannCry. It infiltrates computers by way of links and attachments in spam emails.

Security experts say unknown hackers took advantage of tools stolen from the US National Security Agency. Portions of the spy agency's sophisticated cyber arsenal have been leaked online in recent months.

Q: Could this kind of attack be repeated?

A: Yes. Any computer that doesn't have up-to-date software is at risk. Even then, modern software is so complex that new vulnerabilities are always being discovered.

Some are fixed by their developers before they're found but others are reached first by intelligence agencies or criminal hackers, as in this case.

Q: So if the NSA had informed Microsoft about the vulnerability rather than stockpiling it, the attack might not have happened?

A: Possibly not. That's why IT experts warn that vulnerabilities represent a danger for everyone. In the United States there's a committee that decides whether vulnerabilities should be patched or exploited. Usually the software developers are informed.

Q: How secure is critical infrastructure?

A: The Stuxnet worm that was used to destroy Iran's nuclear program a decade ago has already demonstrated how industrial computer systems can be manipulated.

Companies are aware of this, and a lot of money is spent on securing critical infrastructure such as transport and telecommunications. That's why only relatively unimportant systems at Spanish telecom giant Telefonica and Germany's rail operator Deutsche Bahn were affected in Friday's attack.

According to experts, there has only been one known successful cyber attack on an electricity grid, and that was in Ukraine in 2015.

Q: What can consumers do to protect themselves?

A: Keeping your software up to date is the absolute minimum, according to Ruediger Trost of the IT security firm F-Secure. Firewalls should also be used to monitor data traffic, even within a network to prevent one computer from infecting others. And be careful when clicking on links in emails.

Finally, be prepared and always keep a back-up.

image beaconimage beaconimage beacon